Module java.base
Package java.security

Class KeyStore.PasswordProtection

java.lang.Object
java.security.KeyStore.PasswordProtection
All Implemented Interfaces:
KeyStore.ProtectionParameter, Destroyable
Enclosing class:
KeyStore
public static class KeyStore.PasswordProtection
extends Object
implements KeyStore.ProtectionParameter, Destroyable
A password-based implementation of ProtectionParameter.
Since:
1.5

  • Constructor Details

    • PasswordProtection

      public PasswordProtection​(char[] password)
      Creates a password parameter.

      The specified password is cloned before it is stored in the new PasswordProtection object.

      Parameters:
      password - the password, which may be null

    • PasswordProtection

      public PasswordProtection​(char[] password, String protectionAlgorithm, AlgorithmParameterSpec protectionParameters)
      Creates a password parameter and specifies the protection algorithm and associated parameters to use when encrypting a keystore entry.

      The specified password is cloned before it is stored in the new PasswordProtection object.

      Parameters:
      password - the password, which may be null
      protectionAlgorithm - the encryption algorithm name, for example, PBEWithHmacSHA256AndAES_256. See the Cipher section in the Java Security Standard Algorithm Names Specification for information about standard encryption algorithm names.
      protectionParameters - the encryption algorithm parameter specification, which may be null
      Throws:
      NullPointerException - if protectionAlgorithm is null
      Since:
      1.8

  • Method Details

    • getProtectionAlgorithm

      public String getProtectionAlgorithm()
      Gets the name of the protection algorithm. If none was set then the keystore provider will use its default protection algorithm.
      Returns:
      the algorithm name, or null if none was set
      Since:
      1.8

    • getProtectionParameters

      public AlgorithmParameterSpec getProtectionParameters()
      Gets the parameters supplied for the protection algorithm.
      Returns:
      the algorithm parameter specification, or null, if none was set
      Since:
      1.8

    • getPassword

      public char[] getPassword()
      Gets the password.

      Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

      Returns:
      the password, which may be null
      Throws:
      IllegalStateException - if the password has been cleared (destroyed)
      See Also:
      destroy()

    • destroy

      public void destroy() throws DestroyFailedException
      Clears the password.
      Specified by:
      destroy in interface Destroyable
      Throws:
      DestroyFailedException - if this method was unable to clear the password

    • isDestroyed

      public boolean isDestroyed()
      Determines if password has been cleared.
      Specified by:
      isDestroyed in interface Destroyable
      Returns:
      true if the password has been cleared, false otherwise